
\Section{Challenges} 

Given a program, AutoDSLR compiles it in the following steps, first AutoDSLR allocates a global buffer as the key
mapping in the program. When encountering the data structure memory access, AutoDSLR modifies the data structure operations to access
the fields' memory based on the random key. In addition, AutoDSLR
regulates the random key of the data structure instance when it has
been accessed by a few operations (we call it re-randomization window)
since last key update. However, it is a non-trivial task, there are
mainly four challenges.
\begin{itemize}
\item\textbf{Static Data Structure Analysis.}
To randomize the layout of the data structure instance. AutoDSLR
modifies data structure operations to rebuild the memory layout of
the data structure instances. However, the data structure operations
are relatively complicated (e.g., indirect\_ref, array\_ref, nested
data structure). In addition, the offset of the field in data
structure is based on the specific architecture (e.g., 32/64 bits)
and compiler options(\#pragma pack(n)), even worse, some flexible
array will introduce the variable-size data structure in the program
and prevent us to calculate the offset of the field.
\item\textbf{Dynamic Key Mapping Update.}
Since our goal is to change the memory layout of the data structure
instance from time to time, the key should be dynamically updated.
The problem is how to keep the consistency between the memory layout
and the key. For example, data structure initialization (e.g.,
compound literals initialization, assembly level kernel
initialization, designated initializer) is manipulated before the
randomization, it will conflict with our randomization method due to
the different memory layout of data structure. Another case is, when
the key is updated, how to operate on the randomized memory layout
which is controlled by previous key.
\item\textbf{Pointer Problem.}
In C/C++, the pointers may point to the same memory object. However,
each data structure instance has their own key, there will occur not
only the inconsistency between the pointers with different data
structure type, but also the ones with the same data structure type.
In addition, some atomic type such as \texttt{int
*}, \texttt{void *}, \texttt{char *}, may point to the data
structure instances, and access the memory according to the
definition of the data structure. Even worse, the pointer may point
to certain field of the data structure instances, and the
randomization to data structure may lead the pointer point to the
error area.
\item\textbf{External API and Shared API.}
As we know, the applications often uses the external API (e.g., GNU
GLIBC libraries) or may share the API with other programs (e.g.,
system call and hypercall). When we apply the randomization on the
data structure instances that are used in the external API or shared
API, it may influence the communication between the
applications(e.g.,network,file).
\end{itemize}
